From 7b5da77f7395a5ab06a013fee8676154f88dc5a4 Mon Sep 17 00:00:00 2001 From: Leo Sandoval Date: Wed, 17 Jul 2024 12:36:16 -0600 Subject: [PATCH] grub.cfg: Fix rpm grub.cfg verification issues Fix the rpm verificaton issues (see below) introduced in 2.06.123 [1]. On the other hand, 2.06.125 [2] introduced a change on grub2-mkconfig where it prevents overwritting {EFI_HOME}/grub.cfg with side effects on the %posttrans spec script, where it tries to recreate it in case this file does not exist but due to [2] the {EFI}/grub.cfg file is never created. Fix the %posttrans code with the logic but applied to {GRUB_HOME}/grub.cfg. Issue detected on RHEL CI but also reproduced on fedora since 2.06.123, where this change fixes it. $ rpm -Vqa . . .M....... c /boot/grub2/grub.cfg .M....... c /boot/efi/EFI/fedora/grub.cfg .M....... c /boot/grub2/grub.cfg .M....... c /boot/efi/EFI/fedora/grub.cfg .M....... c /boot/grub2/grub.cfg [1] https://src.fedoraproject.org/rpms/grub2/c/a137559e7192ae1054312d6b537c80aff10ffd8b?branch=rawhide [2] https://src.fedoraproject.org/rpms/grub2/c/f28d50ee44af0bcfa363493ae214ea88da546b35?branch=rawhide Signed-off-by: Leo Sandoval --- grub.macros | 5 +++-- grub2.spec | 13 +++++++------ 2 files changed, 10 insertions(+), 8 deletions(-) diff --git a/grub.macros b/grub.macros index 205a953..061c778 100644 --- a/grub.macros +++ b/grub.macros @@ -674,7 +674,8 @@ install -d -m 0700 ${RPM_BUILD_ROOT}%{_sysconfdir}/sysconfig \ touch ${RPM_BUILD_ROOT}%{_sysconfdir}/default/grub \ ln -sf ../default/grub \\\ ${RPM_BUILD_ROOT}%{_sysconfdir}/sysconfig/grub \ -touch ${RPM_BUILD_ROOT}/boot/grub2/grub.cfg \ +touch grub.cfg \ +install -m 0600 grub.cfg ${RPM_BUILD_ROOT}/boot/grub2/ \ ln -s ../boot/grub2/grub.cfg \\\ ${RPM_BUILD_ROOT}%{_sysconfdir}/grub2.cfg \ %{nil} @@ -719,7 +720,7 @@ ln -s ../boot/grub2/grub.cfg \\\ %attr(0700,root,root)/boot/grub2/fonts \ %dir %attr(0700,root,root)/boot/loader/entries \ %ghost %config(noreplace) %attr(0600,root,root)/boot/grub2/grub.cfg \ -%ghost %config(noreplace) %verify(not mtime) %attr(0600,root,root)%{efi_esp_dir}/grub.cfg \ +%ghost %config(noreplace) %verify(not mtime) %attr(0700,root,root)%{efi_esp_dir}/grub.cfg \ %config(noreplace) %verify(not size mode md5 mtime) /boot/grub2/grubenv \ %attr(0644,root,root) %config(noreplace) /etc/dnf/protected.d/grub2-%{1}.conf \ %{expand:%if 0%{?without_efi_modules} \ diff --git a/grub2.spec b/grub2.spec index 88f1fcd..9b80199 100644 --- a/grub2.spec +++ b/grub2.spec @@ -17,7 +17,7 @@ Name: grub2 Epoch: 1 Version: 2.06 -Release: 125%{?dist} +Release: 126%{?dist} Summary: Bootloader with support for Linux, Multiboot and more License: GPL-3.0-or-later URL: http://www.gnu.org/software/grub/ @@ -356,11 +356,9 @@ if ! mountpoint -q ${ESP_PATH}; then exit 0 # no ESP mounted, nothing to do fi -if test ! -f ${EFI_HOME}/grub.cfg; then - # there's no config in ESP, create one - grub2-mkconfig -o ${EFI_HOME}/grub.cfg - cp -a ${EFI_HOME}/grub.cfg ${EFI_HOME}/grub.cfg.rpmsave - cp -a ${EFI_HOME}/grub.cfg ${GRUB_HOME}/ +if test ! -f ${GRUB_HOME}/grub.cfg; then + # there's no config in GRUB home, create one + grub2-mkconfig -o ${GRUB_HOME}/grub.cfg fi if (((grep -q "configfile" ${EFI_HOME}/grub.cfg && grep -q "root-dev-only" ${EFI_HOME}/grub.cfg) || grep -q "source" ${EFI_HOME}/grub.cfg) && ! grep -q "# It is automatically generated by grub2-mkconfig using templates" ${EFI_HOME}/grub.cfg); then @@ -555,6 +553,9 @@ mv ${EFI_HOME}/grub.cfg.stb ${EFI_HOME}/grub.cfg %endif %changelog +* Mon Jul 22 2024 Leo Sandoval - 2.06.126 +- grub.cfg: Fix rpm grub.cfg verification issues + * Tue Jul 16 2024 Nicolas Frayer - 2.06-125 - grub2-mkconfig: Prevent mkconfig from overwriting grub cfg stub